Methods and systems for cloud based wireless channel scanning

ABSTRACT

Embodiments of a device and method are disclosed. In an embodiment, a method for wireless channel scanning involves at a cloud server, building a set of channels for off-channel scanning to be performed by a selected group of wireless access points (APs), at the cloud server, determining whether the set of channels for off-channel scanning can be further pruned to generate a final optimized list of channels for off-channel scanning, and at the cloud server, sending the final optimized list of channels for off-channel scanning to the selected group of wireless APs.

BACKGROUND

Growing adoption of networks, such as, enterprise campus networks allowsenterprises to increase network coverage and functionality. For example,due to the dynamic nature of the business and campuses, switches,gateways, wireless access points (APs), and client devices, such as,laptops, printers, servers, security cameras, and/or other connectedInternet of things (IoT) devices are typically interconnected in anetwork. Wireless network management, for example, wireless channelscanning, plays an important role in ensuring that network design,deployments and/or operations meet agreed upon commitments. For example,wireless channel scanning can be performed periodically for a WirelessIntrusion Prevention System (WIPS), a Wireless Intrusion DetectionSystem (WIDS), channel planning applications, and/or client locationrelated applications. However, wireless channel scanning can bedifficult to implement due to varying wireless channel conditions and/orinterference. Therefore, there is a need for network technology that canprovide efficient wireless channel scanning for a network with wirelesscapabilities.

SUMMARY

Embodiments of a device and method are disclosed. In an embodiment, amethod for wireless channel scanning involves at a cloud server,building a set of channels for off-channel scanning to be performed by aselected group of wireless access points (APs), at the cloud server,determining whether the set of channels for off-channel scanning can befurther pruned to generate a final optimized list of channels foroff-channel scanning, and at the cloud server, sending the finaloptimized list of channels for off-channel scanning to the selectedgroup of wireless APs. Other embodiments are also described.

In an embodiment, at the cloud server, determining whether the set ofchannels for off-channel scanning can be further pruned to generate thefinal optimized list of channels for off-channel scanning includes atthe cloud server, determining whether the set of channels foroff-channel scanning can be further pruned based on preferred scanningchannel (PSC) information.

In an embodiment, at the cloud server, determining whether the set ofchannels for off-channel scanning can be further pruned to generate thefinal optimized list of channels for off-channel scanning includes atthe cloud server, determining whether the set of channels foroff-channel scanning can be further pruned based on historical channelutilization of the selected group of wireless APs.

In an embodiment, at the cloud server, determining whether the set ofchannels for off-channel scanning can be further pruned to generate thefinal optimized list of channels for off-channel scanning includes atthe cloud server, determining whether the set of channels foroff-channel scanning can be further pruned based on active basic serviceset (BSS) data gathered by the selected group of wireless APs.

In an embodiment, the method further includes at the cloud server,causing spectral scans to be performed on the final optimized list ofchannels for off-channel scanning to detect non-WiFi interference.

In an embodiment, the method further includes at the cloud server,causing deauthentication frames to be constructed and transmitted by theselected group of wireless APs on the final optimized list of channelsfor off-channel scanning.

In an embodiment, the method further includes at the cloud server,causing medium access control (MAC) hardware (HW) of the selected groupof wireless APs to be placed in promiscuous mode to capture differenttypes of frames.

In an embodiment, the channels for off-channel scanning are of threedifferent frequency ranges.

In an embodiment, the three different frequency ranges include 2.4gigahertz (GHz), 5 GHz, and 6 GHz.

In an embodiment, each wireless AP of the selected group of wireless APsfurther includes three wireless radio frequency (RF) frontends havingthree different frequency ranges.

In an embodiment, the three wireless RF frontends are of 2.4 gigahertz(GHz), 5 GHz, and 6 GHz.

In an embodiment, a cloud server includes memory and one or moreprocessors configured to build a set of channels for off-channelscanning to be performed by a selected group of wireless access points(APs), determine whether the set of channels for off-channel scanningcan be further pruned to generate a final optimized list of channels foroff-channel scanning, and send the final optimized list of channels foroff-channel scanning to the selected group of wireless APs.

In an embodiment, the one or more processors are configured to determinewhether the set of channels for off-channel scanning can be furtherpruned based on preferred scanning channel (PSC) information.

In an embodiment, the one or more processors are configured to determinewhether the set of channels for off-channel scanning can be furtherpruned based on historical channel utilization of the selected group ofwireless APs.

In an embodiment, the one or more processors are configured to determinewhether the set of channels for off-channel scanning can be furtherpruned based on active basic service set (BSS) data gathered by theselected group of wireless APs.

In an embodiment, the one or more processors are configured to causespectral scans to be performed on the final optimized list of channelsfor off-channel scanning to detect non-WiFi interference.

In an embodiment, the one or more processors are configured to causedeauthentication frames to be constructed and transmitted by theselected group of wireless APs on the final optimized list of channelsfor off-channel scanning.

In an embodiment, the one or more processors are configured to cause MACHW of the selected group of wireless APs to be placed in promiscuousmode to capture different types of frames.

In an embodiment, the channels for off-channel scanning are of threedifferent frequency ranges, and the three different frequency rangesinclude 2.4 GHz, 5 GHz, and 6 GHz.

In an embodiment, a method for wireless channel scanning involves at acloud server, building a set of channels for off-channel scanning to beperformed by a selected group of wireless APs, where the channels foroff-channel scanning are of three different frequency ranges, and wherethe three different frequency ranges comprise 2.4 GHz, 5 GHz, and 6 GHz,at the cloud server, determining whether the set of channels foroff-channel scanning can be further pruned to generate a final optimizedlist of channels for off-channel scanning based on PSC information,historical channel utilization of the selected group of wireless APs,and active BSS data gathered by the selected group of wireless APs, andat the cloud server, sending the final optimized list of channels foroff-channel scanning to the selected group of wireless APs.

Other aspects in accordance with the invention will become apparent fromthe following detailed description, taken in conjunction with theaccompanying drawings, illustrated by way of example of the principlesof the invention.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 depicts a communications system in accordance to an embodiment ofthe invention.

FIG. 2 depicts an embodiment of a network device of the communicationssystem depicted in FIG. 1 .

FIG. 3 depicts a network that can be included in the communicationssystem depicted in FIG. 1 .

FIG. 4 depicts a network that includes multiple wireless APs and caninteract with the cloud server depicted in FIG. 1 for wireless channelscanning.

FIG. 5 depicts a wireless channel scanning diagram of one of thewireless APs in the network depicted in FIG. 4 .

FIG. 6 depicts another wireless channel scanning diagram of one of thewireless APs in the network depicted in FIG. 4 .

FIG. 7 depicts an embodiment of a wireless AP that can be included inthe network depicted in FIG. 4 .

FIG. 8 shows a swim-lane diagram illustrating an example wirelessscanning procedure under AP mode.

FIG. 9 shows a swim-lane diagram illustrating an example wirelessscanning procedure under station (STA) mode.

FIG. 10 is a process flow diagram of a method for a cloud centralizedoff-channel scanning in accordance to an embodiment of the invention.

FIG. 11 depicts a sample channel allocation for AP by a cloud serverdepicted in FIG. 1 .

FIG. 12 is a process flow diagram of a method for wireless channelscanning in accordance to an embodiment of the invention.

FIG. 13 is a process flow diagram of a method for wireless channelscanning in accordance to an embodiment of the invention.

FIG. 14 is a process flow diagram of a method for wireless channelscanning in accordance to an embodiment of the invention.

FIG. 15 is a process flow diagram of a method for wireless channelscanning in accordance to an embodiment of the invention.

Throughout the description, similar reference numbers may be used toidentify similar elements.

DETAILED DESCRIPTION

It will be readily understood that the components of the embodiments asgenerally described herein and illustrated in the appended figures couldbe arranged and designed in a wide variety of different configurations.Thus, the following more detailed description of various embodiments, asrepresented in the figures, is not intended to limit the scope of thepresent disclosure, but is merely representative of various embodiments.While the various aspects of the embodiments are presented in drawings,the drawings are not necessarily drawn to scale unless specificallyindicated.

The present invention may be embodied in other specific forms withoutdeparting from its spirit or essential characteristics. The describedembodiments are to be considered in all respects only as illustrativeand not restrictive. The scope of the invention is, therefore, indicatedby the appended claims rather than by this detailed description. Allchanges which come within the meaning and range of equivalency of theclaims are to be embraced within their scope.

Reference throughout this specification to features, advantages, orsimilar language does not imply that all of the features and advantagesthat may be realized with the present invention should be or are in anysingle embodiment of the invention. Rather, language referring to thefeatures and advantages is understood to mean that a specific feature,advantage, or characteristic described in connection with an embodimentis included in at least one embodiment of the present invention. Thus,discussions of the features and advantages, and similar language,throughout this specification may, but do not necessarily, refer to thesame embodiment.

Furthermore, the described features, advantages, and characteristics ofthe invention may be combined in any suitable manner in one or moreembodiments. One skilled in the relevant art will recognize, in light ofthe description herein, that the invention can be practiced without oneor more of the specific features or advantages of a particularembodiment. In other instances, additional features and advantages maybe recognized in certain embodiments that may not be present in allembodiments of the invention.

Reference throughout this specification to “one embodiment”, “anembodiment”, or similar language means that a particular feature,structure, or characteristic described in connection with the indicatedembodiment is included in at least one embodiment of the presentinvention. Thus, the phrases “in one embodiment”, “in an embodiment”,and similar language throughout this specification may, but do notnecessarily, all refer to the same embodiment.

FIG. 1 depicts a communications system 100 in accordance to anembodiment of the invention. In the embodiment depicted in FIG. 1 , thecommunications system includes a cloud server 102 and at least onedeployed network 150 within a customer site 114. The cloud server and/orthe deployed network may be implemented in hardware (e.g., circuits),software, firmware, or a combination thereof. Although the illustratedcommunications system 100 is shown with certain components and describedwith certain functionality herein, other embodiments of thecommunications system may include fewer or more components to implementthe same, less, or more functionality. For example, in some embodiments,the communications system includes more than one cloud server, more thanone deployed network, and/or more than one customer site. In anotherexample, although the cloud server and the deployed network are shown inFIG. 1 as being connected in certain topology, the network topology ofthe communications system 100 is not limited to the topology shown inFIG. 1 .

The cloud server 102 can be used to provide at least one service to acustomer site (e.g., to the deployed network 150 located at the customersite 114). The cloud server may be configured to facilitate or perform awireless channel scanning service to network devices (e.g., the deployednetwork 150) at the customer site. Because the cloud server canfacilitate or perform a wireless channel scanning service to networkdevices at the customer site, network management efficiency can beimproved. In addition, because the cloud server can facilitate orperform a wireless channel scanning service to network devices at thecustomer site, a user or customer of the customer site can be notifiedof network outage. Consequently, network outage time can be reduced. Insome embodiments, the cloud server is configured to generate a userinterface to obtain input information, for example, a floor plan of acustomer site. In some embodiments, the user interface includes agraphical user interface. The cloud server may be implemented inhardware (e.g., circuits), software, firmware, or a combination thereof.In some embodiments, the cloud server is hosted or executed in a publiccloud computing environment such as Amazon Web Services (AWS), and/or aprivate cloud computing environment such as an enterprise cloud server.In some embodiments, the cloud server is implemented on a server gradehardware platform, such as an x86 architecture platform. For example,the hardware platform of the cloud server may include conventionalcomponents of a computing device, such as one or more processors (e.g.,central processing units (CPUs)), system memory, a network interface,storage system, and other Input/Output (I/O) devices such as, forexample, a mouse and a keyboard (not shown). In some embodiments, theprocessor is configured to execute instructions, for example, executableinstructions that may be used to perform one or more operationsdescribed herein and may be stored in the memory and the storage system.In some embodiments, the memory is volatile memory used for retrievingprograms and processing data. The memory may include, for example, oneor more random access memory (RAM) modules. In some embodiments, thenetwork interface is configured to enable the cloud server tocommunicate with another device via a communication medium. The networkinterface may be one or more network adapters, also referred to as aNetwork Interface Card (NIC). In some embodiments, the cloud serverincludes local storage devices (e.g., one or more hard disks, flashmemory modules, solid state disks and optical disks) and/or a storageinterface that enables the host to communicate with one or more networkdata storage systems, which are used to store information, such asexecutable instructions, cryptographic keys, virtual disks,configurations, and other data.

In the embodiment depicted in FIG. 1 , the cloud server 102 includes anetwork management (NM) module 110, a customer information portal 108connected to the NM module 110, and an NM database 112 configured tostore NM data. The NM module, the customer information portal, and/orthe NM database may be implemented in hardware (e.g., circuits),software, firmware, or a combination thereof. Although the illustratedcloud server is shown with certain components and described with certainfunctionality herein, other embodiments of the cloud server may includefewer or more components to implement the same, less, or morefunctionality. For example, in some embodiments, the cloud serverincludes more than one NM module, more than one customer informationportal, and/or more than one NM database. In another example, althoughthe NM module, the customer information portal, and the NM database areshown in FIG. 1 as being connected in certain topology, the networktopology of the cloud server is not limited to the topology shown inFIG. 1 . In addition, although the customer information portal 108 isshown in FIG. 1 as being a component of the cloud server 102, in otherembodiments, the customer information portal may be implemented outsideof the cloud server. In some embodiments, the NM module 110 isconfigured to facilitate or perform a wireless channel scanning serviceto network devices (e.g., the deployed network 150) at the customer site114, for example, using a network management (NM) rule set 130. The NMrule set 130 may include one or more NM rules for network devices at thecustomer site 114, for example, for performing an NM service to networkdevices at the customer site 114. In some embodiments, the NM module 110is configured to generate and/or transmit at least one NM alert 160regarding a network deployed and/or to be deployed at the customer site,for example, to an administrator or a user or customer (e.g., alayperson such as a worker on-site or an end-user such as an employee)at the customer site 114. In some embodiments, the NM database 112 isconfigured to store NM data for a network deployed and/or to be deployedat the customer site (e.g., a list of network devices deployed or to bedeployed at the customer site). For example, the NM database 112 isconfigured to store NM measurement data and/or a list of specific levelsof network availability, coverage and/or capacity for network devicesdeployed at the customer site 114. In some embodiments, the NM database112 is configured to store the at least one NM alert 160. Because the NMmodule can facilitate or perform an NM service (e.g., a wireless channelscanning service) to network devices at the customer site, networkmanagement efficiency can be improved. In addition, because the NMmodule can facilitate or perform an NM service to network devices at thecustomer site, a user or customer (e.g., a layperson such as a workeron-site or an end-user such as an employee) at the customer site can benotified of network conditions or outrages. Consequently, network outagetime can be shortened. The customer information portal 108 is configuredto receive customer input 128. In some embodiments, the customerinformation portal is configured to include or generate a user interfacethat allows a customer to input information related to the customer site114 (e.g., the floor plan of the customer site 114) and/or informationassociated with an NM service (e.g., a wireless channel scanningservice) for the customer site 114, such as one or more specificrequirements or restrictions.

In the communications system 100 depicted in FIG. 1 , the customer site114 may include one or more buildings, and each building may include oneor more floors. Network devices that can be deployed at the customersite may include any type of suitable network devices. For example,network devices may be designated to be deployed to a specific building,a specific floor within a building, and/or a specific location on afloor of a building. A network device that can be deployed at thecustomer site may be fully or partially implemented as an IntegratedCircuit (IC) device. In the embodiment depicted in FIG. 1 , the network150 includes one or more network devices 104-1, ..., 104-N, where N is apositive integer. In some embodiments, at least one of the one or morenetwork devices 104-1, ..., 104-N is a wired and/or wirelesscommunications device that includes at least one processor (e.g., amicrocontroller, a digital signal processor (DSP), and/or a CPU), atleast one wired or wireless communications transceiver implemented inone or more logical circuits and/or one or more analog circuits, atleast one wired or wireless communications interface and that supportsat least one wired or wireless communications protocol, and/or at leastone antenna. For example, at least one of the network devices 104-1,..., 104-N is compatible with Institute of Electrical and ElectronicsEngineers (IEEE) 802.3 protocol and/or one or more wireless local areanetwork (WLAN) communications protocols, such as an IEEE 802.11protocol, and/or a short-range communications protocol, such asBluetooth. In some embodiments, at least one of the network devices104-1, ..., 104-N is a wired communications device that is compatiblewith at least one wired local area network (LAN) communicationsprotocol, such as a wired router (e.g., an Ethernet router), a wiredswitch, a wired hub, or a wired bridge device (e.g., an Ethernetbridge). In some embodiments, at least one of the network devices 104-1,..., 104-N is a wireless access point (AP) that connects to a local areanetwork (e.g., a LAN) and/or to a backbone network (e.g., the Internet)through a wired connection and that wirelessly connects to wirelessstations (STAs), for example, through one or more WLAN communicationsprotocols, such as an IEEE 802.11 protocol. In some embodiments, thenetwork 150 includes at least one distribution switch (DS) ordistribution layer switch that functions as a bridge between a corelayer switch and an access layer switch, at least one head end (HE) orgateway, at least one access switch (AS) that can directly interact witha lower-level device (e.g., a wireless AP), at least one wireless AP,and/or at least one wireless sensor that wirelessly connects to awireless AP. In some embodiments, at least one of the network devices104-1, ..., 104-N is a wireless station (STA) that wirelessly connectsto a wireless AP. For example, at least one of the network devices104-1, ..., 104-N may be a laptop, a desktop personal computer (PC), amobile phone, or other wireless device that supports at least one WLANcommunications protocol (e.g., an IEEE 802.11 protocol).

FIG. 2 depicts an embodiment of a network device 204 of thecommunications system 100 depicted in FIG. 1 . The network device 204may be an embodiment of a network device 104-1, ..., or 104-N that isincluded in the deployed network150 in FIG. 1 . However, network devicesthat can be included in the deployed network 150 depicted in FIG. 1 arenot limited to the embodiment depicted in FIG. 2 . The network device204 may be any suitable type of network device. For example, the networkdevice 204 may be a distribution switch (DS), a gateway or headend (HE),an access switch (AS), a wireless access point (AP), a sensor, a laptop,a desktop personal computer (PC), or a mobile phone.

In the embodiment depicted in FIG. 2 , the network device 204 includesat least one wireless and/or wired transceiver 232, at least oneoptional antenna 236 operably connected to the transceiver 232, at leastone optional network port 238 operably connected to the transceiver 232,and a controller 234 operably connected to the transceiver 232. In someembodiments, the transceiver 232 includes a physical layer (PHY) device.The transceiver 232 may be any suitable type of transceiver. Forexample, the transceiver 232 may be an LAN transceiver (e.g., anEthernet transceiver), a short-range communications transceiver (e.g., aBluetooth or Bluetooth Low Energy (BLE) transceiver), or a WLANtransceiver (e.g., a transceiver compatible with an IEEE 802.11protocol). In some embodiments, the network device 204 includes multipletransceivers, for example, an LAN transceiver (e.g., an Ethernettransceiver), a short-range communications transceiver (e.g., aBluetooth or BLE transceiver), and/or a WLAN transceiver (e.g., atransceiver compatible with an IEEE 802.11 protocol). For example, thenetwork device 204 includes a WLAN transceiver (e.g., a transceivercompatible with an IEEE 802.11 protocol) and a short-rangecommunications transceiver (e.g., a Bluetooth or BLE transceiver). Insome embodiments, the network device (e.g., a wireless AP) includesmultiple antennas and multiple wireless transceivers that share theantennas. In some embodiments, the controller 234 is configured tocontrol the transceiver 232 to process packets received through theantenna 236 and/or the network port 238 and/or to generate outgoingpackets to be transmitted through the antenna 236 and/or the networkport 238. In some embodiments, the controller 234 is configured toobtain and/or store information relevant to the network device 204(e.g., security information relevant to the network device 204, such as,security certificate information). For example, the controller 234 maybe configured to obtain and/or store security information relevant tothe network device 204 such as security certificate information. In someembodiments, the controller 234 includes a storage device (e.g., one ormore hard disks, flash memory modules, solid state disks, and/or opticaldisks) that contains or stores predefined information (e.g., apredefined security certificate), which may be placed or embedded intothe network device during a manufacturing process. In some embodiments,the controller 234 is implemented using at least one processor (e.g., amicrocontroller, a DSP, and/or a CPU). In some embodiments, thecontroller 234 executes one or more Layer 3 or L3 (i.e., the networklayer, which is the third level (Layer 3) of the Open SystemsInterconnection Model (OSI Model)) protocols, for example, an InternalGateway Protocol (IGP) (e.g., an Open Shortest Path First (OSPF)protocol), a Border Gateway Protocol (BGP), or an Intermediate System toIntermediate System (IS-IS) protocol. The controller 234 may include aprocessor (e.g., a microcontroller, a DSP, and/or a CPU) configured toexecute one or more Layer 3 (L3) protocols, and memory that may storeinformation (e.g., an operation system (OS)) for the processor. Theantenna 236 may be any suitable type of antenna. For example, theantenna 236 may be an induction type antenna such as a loop antenna orany other suitable type of induction type antenna. However, the antenna236 is not limited to an induction type antenna. The network port 238may be any suitable type of port. For example, the network port 238 maybe a local area network (LAN) network port such as an Ethernet port.However, the network port 238 is not limited to LAN network ports. Insome embodiments, the network device 204 is a wireless communicationsdevice that includes at least one wireless transceiver (e.g., thetransceiver 232) and at least one antenna (e.g., the antenna 236). Insome embodiments, as a wireless device, the network device 204 includesat least one network port (e.g., the network port 238) that is used toconnect to another communication device through at least one cable orwire, for example, at least one Ethernet cable. In some embodiments, thenetwork device 204 is a wired communications device that includes atleast one wired transceiver (e.g., the transceiver 232) and at least onenetwork port (e.g., the network port 238) that is used to connect toanother communication device through at least one cable or wire, forexample, at least one Ethernet cable. In some embodiments, as a wireddevice, the network device 204 includes a wireless transceiver and atleast one antenna (e.g., the antenna 236).

In the embodiment depicted in FIG. 2 , the network device 204 (e.g., thecontroller 234) includes a network engine 270 configured to execute oneor more communications protocols. In some embodiments, the networkengine 470 is configured to execute Layer 3 (L3) protocols, for example,an Internal Gateway Protocol (IGP) (e.g., an Open Shortest Path First(OSPF) protocol), a Border Gateway Protocol (BGP), or an IntermediateSystem to Intermediate System (IS-IS) protocol. In some embodiments, thenetwork engine 270 includes or is implemented using a processor (e.g., amicrocontroller, a DSP, and/or a CPU) configured to execute one or morecommunications protocols (e.g., Layer 3 (L3) protocols), and memory thatmay store information (e.g., an OS) for the processor. For example, thecontroller 234 is implemented using a processor and memory, and thenetwork engine 270 is a software module that executes in the processor.In some embodiments, the controller 234 (e.g., the network engine 270)includes a storage device (e.g., one or more hard disks, flash memorymodules, solid state disks, and/or optical disks) that contains orstores predefined information (e.g., a predefined security certificate),which may be placed or embedded into the network device 204 during amanufacturing process.

In some embodiments, the network device 204 (e.g., the controller 234)is configured to periodically perform wireless channel scanning for aWireless Intrusion Prevention System (WIPS), a Wireless IntrusionDetection System (WIDS), channel planning applications, and/or clientlocation related applications. In an embodiment, the network device 204(e.g., the controller 234) is configured to scan for beacons/proberesponses, for example, to detect operating basic service sets (BSSes)on neighboring wireless devices (e.g., wireless APs) in addition torecording channel quality parameters for channel planning and/orWIPS/WIDS (e.g., to detect rogue APs) related use-cases. In anembodiment, the network device 204 (e.g., the controller 234) isconfigured to scan for specific frames, for example, management frames,control frames, and data frames for WIPS/WIDS (e.g., to detect rogueclients) and/or client location (e.g., received signal strengthindication (RSSI) based triangulation) related requirements. In anembodiment, the network device 204 (e.g., the controller 234) isconfigured to scan for non-Wi-Fi interference (e.g., microwave, jammer,etc.), for example, primarily in 2.4G band, for channel planning andWIPS/WIDS requirements. The network device 204 (e.g., the controller234) can perform off-channel management frame transmission, for example,transmit deauthentication frames to non-AP stations for rogue APhandling. In some embodiments, the network device 204 (e.g., thecontroller 234) performs off-channel scanning by tuning its radio ortransceiver 232 to a different channel for a finite amount of time, forexample, to detect sources of interference, rogue, or unauthorizedad-hoc Wi-Fi networks. The network device 204 (e.g., the controller 234)can operate under station mode, for example, to associate with and/ortransmit pings to a neighboring AP for service-level agreement (SLA)related requirements (e.g., as a virtual sensor). The network device 204(e.g., the controller 234) can perform intelligent wireless channelscanning on various frequency bands (e.g., 6 GHz band with 1200 MHzopened (59 new 20 MHz channels)), to reduce scanning time. For example,with a dwell internal of 100 ms, it can take about 6 secondsapproximately to scan through all 59 channels, which may be unacceptableor impracticable for some applications.

FIG. 3 depicts a network 350 that can be included in the communicationssystem 100 depicted in FIG. 1 . The network 350 depicted in FIG. 3 is anembodiment of the network 150 depicted in FIG. 1 . However, the network150 depicted in FIG. 1 is not limited to the embodiment depicted in FIG.3 . In the embodiment depicted in FIG. 3 , the network 350 includes apair of distribution switches (DSs) or distribution layer switches352-1, 352-2 that are aggregation switches functioning as a bridgebetween core layer switches and access layer switches, a pair of headends (HEs) or gateways 354-1, 354-2, a number of access switches (ASs)356-1, 356-2, 356-3, 356-4, 356-5, 356-6, 356-7, 356-8 connected inrings 358-1, 358-2 that directly interact with lower level devices(e.g., wireless APs), a number of wireless APs 360-1, 360-2, 360-3,360-4, 360-5, 360-6 connected to the ASs, a number of wireless sensors362-1, 362-2, 362-3 that wirelessly connect to the wireless APs, and anumber of network devices 364-1, 364-2, 364-3 that are connected to theASs 356-2, 356-4, and the wireless AP 360-1 through cables or wires, forexample, Ethernet cables, or wirelessly. The DSs 352-1, 352-2, the HEs354-1, 354-2, the ASs 356-1, 356-2, 356-3, 356-4, 356-5, 356-6, 356-7,356-8, the wireless APs 360-1, 360-2, 360-3, 360-4, 360-5, 360-6, thewireless sensors 362-1, 362-2, 362-3, and/or the network devices 364-1,364-2, 364-3 may be an embodiment of the network device 204 depicted inFIG. 2 . The network devices 364-1, 364-2, 364-3 may be wired and/orwireless devices, for example, laptops, desktop PCs, or other wireddevices. In some embodiments, each of the network devices 364-1, 364-2,364-3 includes at least one wired transceiver (e.g., the transceiver232) and at least one network port (e.g., the network port 238) that isused to connect to another communication device through at least onecable or wire, for example, at least one Ethernet cable. In someembodiments, as a wired device, each of the network devices 364-1,364-2, 364-3 includes a wireless transceiver and at least one antenna(e.g., the antenna 236). In some embodiments, the network 350 alsoincludes at least one wired communications device that is connected tothe DS 352-1 or 352-2 through at least one cable or wire, for example,at least one Ethernet cable. In the embodiment depicted in FIG. 3 , theDSs 352-1, 352-2 are connected to a network 380 (e.g., the Internet),which is connected to a network management module (e.g., the NM module110 of the cloud server 102 depicted in FIG. 1 ). In some embodiments,the DSs 352-1, 352-2, the HEs 354-1, 354-2, and the ASs 356-1, 356-2,356-3, 356-4, 356-5, 356-6, 356-7, 356-8 constitute a network serviceblock (NSB), which is a basic building block for providing connectivityas a service and is a replicable block that can be scaled (e.g.,expanded) to meet any deployment. In some embodiments, the NSB works inLayer 3 or L3 (i.e., the network layer, which is the third level (Layer3) of the OSI Model) environment and is connected to other wired devicesunder L3 mode. Although the network 350 is shown with certain componentsand described with certain functionality herein, other embodiments ofthe network 350 may include fewer or more components to implement thesame, less, or more functionality. For example, in some embodiments, thenetwork 350 includes only one DS, more than two DSs, no HE, only one HE,more than two HEs, less than eight ASs, more than eight ASs, less thansix wireless APs, more than six wireless APs, less than three wirelesssensors, more than three wireless sensors, more than three networkdevices, and/or less than three network devices. Although each of therings 358-1, 358-2 includes four ASs in the embodiment depicted in FIG.3 , in other embodiments, the number of ASs in each of the rings 358-1,358-2 may be more than four or less than four. In another example,although the network 350 shown in FIG. 3 as being connected in certaintopology, the network topology of the network 350 is not limited to thetopology shown in FIG. 3 . In some embodiments, the number of HEs andDSs is constant in the network 350 while the number of the wireless APs,the ASs, and the sensor(s) in the network 350 varies.

FIG. 4 depicts a network 450 that includes multiple wireless APs 460-1,460-2, 460-3, 460-4, 460-5, 460-6 and can interact with the cloud server102 depicted in FIG. 1 for wireless channel scanning. The network 450depicted in FIG. 4 is an embodiment of the network 350 depicted in FIG.3 . However, the network 350 depicted in FIG. 3 is not limited to theembodiment depicted in FIG. 4 . In the embodiment depicted in FIG. 4 ,the network 450 includes the wireless APs 460-1, 460-2, 460-3, 460-4,460-5, 460-6, at least one distribution switch (DS) or distributionlayer switch 452 that is an aggregation switch functioning as a bridgebetween a core layer switch and an access layer switch, at least onehead end (HE) or gateway 454, and at least one access switch (AS) 456that directly interacts with lower-level devices (e.g., wireless APs).The wireless APs 460-1, 460-2, 460-3, 460-4, 460-5, 460-6 may beconnected to physical ports (e.g., Ethernet ports) of the AS 456 throughnetwork cables (e.g., Ethernet cables). The wireless APs 460-1, 460-2,460-3, 460-4, 460-5, 460-6 depicted in FIG. 4 may be similar to or thesame as the wireless APs 360-1, 360-2, 360-3, 360-4, 360-5, 360-6depicted in FIG. 3 . The DS 452 depicted in FIG. 4 may be similar to orthe same as the DSs 352-1, 352-2 depicted in FIG. 3 . The HE 454depicted in FIG. 4 may be similar to or the same as the HEs 354-1, 354-2depicted in FIG. 3 . The AS 456 depicted in FIG. 4 may be similar to orthe same as the ASs 356-1, 356-2, 356-3, 356-4, 356-5, 356-6, 356-7,356-8 depicted in FIG. 3 . Although the network 450 is shown in FIG. 4with certain components and described with certain functionality herein,other embodiments of the network 450 may include fewer or morecomponents to implement the same, less, or more functionality. Forexample, in some embodiments, the network 450 includes more than one DS,no HE, more than one HE, more than one AS, more than six wireless APs,less than six wireless APs, one or more wireless sensors, and/or one ormore network devices. In another example, although the wireless APs360-1, 360-2, 360-3, 360-4, 360-5, 360-6 are shown in FIG. 4 as beingconnected to the AS 456, in other embodiments, the wireless APs 360-1,360-2, 360-3, 360-4, 360-5, 360-6 are connected to different ASs.

In the embodiment depicted in FIG. 4 , the wireless APs 460-1, 460-2,460-3, 460-4, 460-5, 460-6 are configured to perform wireless channelscanning of the network 450. In some embodiments, each of the wirelessAPs 460-1, 460-2, 460-3, 460-4, 460-5, 460-6 scans airwaves to probe forinformation from one or more beaconing wireless APs, for example, togenerate a scan report of neighboring wireless APs and to transmit thescan report to the cloud server 102 (e.g., the NM module 110 in thecloud server 102). In some embodiments, the cloud server 102 (e.g., theNM module 110 in the cloud server 102) analyzes data (e.g., scanreports) from the wireless APs 460-1, 460-2, 460-3, 460-4, 460-5, 460-6to perform a management operation to the wireless APs 460-1, 460-2,460-3, 460-4, 460-5, 460-6. For example, the cloud server 102 (e.g., theNM module 110 in the cloud server 102) analyzes data (e.g., scanreports) from the wireless APs 460-1, 460-2, 460-3, 460-4, 460-5, 460-6to control wireless channel scanning operations (e.g., adjust timeduration and/or channel of wireless channel scanning) of the wirelessAPs 460-1, 460-2, 460-3, 460-4, 460-5, 460-6. Consequently, undervarying wireless channel conditions and interference, wireless channelscanning can be efficiently implemented.

In an example wireless channel scanning operation of the network 450depicted in FIG. 4 , the wireless APs 460-1, 460-2, 460-3, 460-4, 460-5,460-6 conduct airwave probe and wireless channel scanning. Each of thewireless APs 460-1, 460-2, 460-3, 460-4, 460-5, 460-6 may operate undera station mode in which the wireless AP behaves similar to a wirelessstation (STA) and associates with another wireless AP, for example, byenabling a station (STA) interface of the wireless AP. Under the stationmode, the wireless AP may behave similar to a wireless station (STA) andassociates with and/or transmits pings to a neighboring AP for SLArelated requirements, e.g., as a virtual sensor. Alternatively, each ofthe wireless APs 460-1, 460-2, 460-3, 460-4, 460-5, 460-6 may operateunder an AP mode in which the wireless AP does not associate with anyanother wireless AP, for example, by disabling a station (STA) interfaceof the wireless AP. Each of the wireless APs 460-1, 460-2, 460-3, 460-4,460-5, 460-6 may perform a WLAN scan (e.g., an 802.11 scan or a dot11scan) to detect WiFi (also referred to as Wi-Fi, wifi) interference,which is wireless interference in frequency bands used by IEEE 802.11protocols, or a spectral scan to detect non-WiFi interference (e.g.,microwave, jammer, etc.). For example, each of the wireless APs 460-1,460-2, 460-3, 460-4, 460-5, 460-6 may perform passive scan with mediumaccess control (MAC) hardware (HW) in promiscuous mode to capture alltypes of frames (e.g., data frames, management frames, and controlframes), which are not limited to beacons and probe responses to satisfychannel planning, WIPS/WIDS, and client location use cases. Inpromiscuous mode, the MAC HW allows all frames through such that framesintended for other network devices can be read by the wireless AP.Channel quality parameters (noise figure (NF), channel utilization,etc.) may be accessed as well from the received frames. In someembodiments, each of the wireless APs 460-1, 460-2, 460-3, 460-4, 460-5,460-6 performs off-channel scanning by tuning its radio or transceiverto a different channel for a finite amount of time, for example, todetect sources of interference, rogue, or unauthorized ad-hoc Wi-Finetworks. Each of the wireless APs 460-1, 460-2, 460-3, 460-4, 460-5,460-6 may send deauthentication frames as off-channel transmissions atthe start of a scan dwell to a list of clients operating on thatchannel, if any, for rogue AP handling, which can reduce or eliminatethe need for scheduling separate dwell intervals for doing off-channelmanagement frame transmissions. Each of the wireless APs 460-1, 460-2,460-3, 460-4, 460-5, 460-6 may dynamically adjust the dwell time for agiven channel for a given dot11 scan schedule based on number of BSSesdiscovered on a given channel from a previous dot11 scans. For example,the higher the number of BSSes are discovered, the larger the channeldwell time is, and vice-versa. Each of the wireless APs 460-1, 460-2,460-3, 460-4, 460-5, 460-6 may perform spectral scan, which may bescheduled at the end of each dot11 scan dwell itself, for a givenchannel to scan for non-WiFi interference (microwave, jammer, etc.) tominimize channel switch delays when compared to scheduling dot11 andspectral scans separately for the same list of channels. Each of thewireless APs 460-1, 460-2, 460-3, 460-4, 460-5, 460-6 may serve channeldwell for any active STA interface. In addition to dot11 scans andspectral scans, each of the wireless APs 460-1, 460-2, 460-3, 460-4,460-5, 460-6 may serve channel dwell for an appropriate time interval atthe end of each off-channel scan dwell when a STA interface is enabled,for example, to satisfy the additional requirement to reserve adequatetime slots to transmit/receive frames if the STA interface is createdand associated to any neighboring AP on the scanning radio.

FIG. 5 depicts a wireless channel scanning diagram 500 of one of thewireless APs 460-1, 460-2, 460-3, 460-4, 460-5, 460-6 in the network 450depicted in FIG. 4 . In the wireless channel scanning diagram 500depicted in FIG. 5 , the wireless AP operates under the AP mode to scanwireless channels 1-165, and the station interface of the wireless AP isdisabled. Although the wireless channel scanning diagram 500 in FIG. 5depicts 165 channels, in other embodiments, the wireless channelscanning diagram 500 includes a subset of channels 1-165 or additionalchannels and the wireless AP scans fewer than channels 1-165 oradditional channels.

As shown in FIG. 5 , the wireless AP starts with performing a WLAN scan(e.g., an 802.11 scan/a dot11 scan) of channel 1 to detect WiFiinterference, which is wireless interference in frequency bands used byIEEE 802.11 protocols, and a spectral scan of channel 1 to detectnon-WiFi interference (e.g., microwave, jammer, etc.). The WLAN scan ofchannel 1 may start with off-channel scan (e.g., sendingdeauthentication frames as off-channel transmissions at the start of theWLAN scan to a list of clients operating on channel 1, if any, for rogueAP handling, which can reduce or eliminate the need for schedulingseparate dwell intervals for doing off-channel management frametransmissions). Subsequently, the wireless AP performs a WLAN scan(e.g., an 802.11 scan/a dot11 scan) of channel 2 to detect WiFiinterference and a spectral scan of channel 2 to detect non-WiFiinterference (e.g., microwave, jammer, etc.). The WLAN scan of channel 2may start with off-channel scan (e.g., sending deauthentication framesas off-channel transmissions at the start of the WLAN scan to a list ofclients operating on channel 2, if any, for rogue AP handling, which canreduce or eliminate the need for scheduling separate dwell intervals fordoing off-channel management frame transmissions). Subsequently, thewireless AP performs a WLAN scan (e.g., an 802.11 scan/ a dot11 scan) ofchannel 3-165 to detect WiFi interference. The WLAN scan of channel3-165 may start with off-channel scan (e.g., sending deauthenticationframes as off-channel transmissions at the start of the WLAN scan to alist of clients operating on that channel, if any, for rogue APhandling, which can reduce or eliminate the need for scheduling separatedwell intervals for doing off-channel management frame transmissions).

After the WLAN scan of channel 165 is completed, the wireless AP repeatsthe scanning pattern. Specifically, the wireless AP starts withperforming a WLAN scan (e.g., an 802.11 scan/a dot11 scan) of channel 1to detect WiFi interference and a spectral scan of channel 1 to detectnon-WiFi interference. The WLAN scan of channel 1 may start withoff-channel scan. Subsequently, the wireless AP performs a WLAN scan(e.g., an 802.11 scan/a dot11 scan) of channel 2 to detect WiFiinterference and a spectral scan of channel 2 to detect non-WiFiinterference. The WLAN scan of channel 2 may start with off-channelscan. Subsequently, the wireless AP performs a WLAN scan (e.g., an802.11 scan/ a dot11 scan) of channel 3-165 to detect WiFi interference.The WLAN scan of channel 3-165 may start with off-channel scan.

FIG. 6 depicts a wireless channel scanning diagram 600 of one of thewireless APs 460-1, 460-2, 460-3, 460-4, 460-5, 460-6 in the network 450depicted in FIG. 4 . In the wireless channel scanning diagram 600depicted in FIG. 6 , the wireless AP operates under the station (STA)mode to scan wireless channels 1-165, the station interface of thewireless AP is enabled, and the wireless AP is associated to a nearbywireless AP on a wireless channel (e.g., channel 40). Although thewireless channel scanning diagram 600 in FIG. 6 depicts 165 channels, inother embodiments, the wireless channel scanning diagram 600 includes asubset of channels 1-165 or additional channels and the wireless APscans fewer than channels 1-165 or additional channels.

As shown in FIG. 6 , the wireless AP starts with performing a WLAN scan(e.g., an 802.11 scan/a dot11 scan) of channel 1 to detect WiFiinterference, which is wireless interference in frequency bands used byIEEE 802.11 protocols, and a spectral scan of channel 1 to detectnon-WiFi interference (e.g., microwave, jammer, etc.). The WLAN scan ofchannel 1 may start with off-channel scan (e.g., sendingdeauthentication frames as off-channel transmissions at the start of theWLAN scan to a list of clients operating on channel 1, if any, for rogueAP handling, which can reduce or eliminate the need for schedulingseparate dwell intervals for doing off-channel management frametransmissions). Subsequently, the wireless AP behaves as a wirelessstation (STA) and associates with and/or transmits pings to aneighboring AP for SLA related requirements, e.g., as a virtual sensor,on the wireless channel on which the STA interface of the wireless AP isassociated to a nearby AP (e.g., channel 40). Subsequently, the wirelessAP performs a WLAN scan (e.g., an 802.11 scan/a dot11 scan) of channel 2to detect WiFi interference and a spectral scan of channel 2 to detectnon-WiFi interference (e.g., microwave, jammer, etc.). The WLAN scan ofchannel 2 may start with off-channel scan (e.g., sendingdeauthentication frames as off-channel transmissions at the start of theWLAN scan to a list of clients operating on channel 2, if any, for rogueAP handling, which can reduce or eliminate the need for schedulingseparate dwell intervals for doing off-channel management frametransmissions). Subsequently, the wireless AP behaves similar to awireless station (STA) and associates with and/or transmits pings to aneighboring AP for SLA related requirements, e.g., as a virtual sensor,on the wireless channel on which the STA interface of the wireless AP isassociated to a nearby AP (e.g., channel 40). Subsequently, the wirelessAP performs a WLAN scan (e.g., an 802.11 scan/ a dot11 scan) of channel3-165, which may not include channel 40, to detect WiFi interference.The WLAN scan of channel 3-165 may start with off-channel scan (e.g.,sending deauthentication frames as off-channel transmissions at thestart of the WLAN scan to a list of clients operating on that channel,if any, for rogue AP handling, which can reduce or eliminate the needfor scheduling separate dwell intervals for doing off-channel managementframe transmissions). Subsequently, the wireless AP behaves similar to awireless station (STA) and associates with and/or transmits pings to aneighboring AP for SLA related requirements, e.g., as a virtual sensor,on the wireless channel on which the STA interface of the wireless AP isassociated to a nearby AP (e.g., channel 40).

After the STA scan of channel 40 is completed, the wireless AP repeatsthe scanning pattern. Specifically, the wireless AP starts withperforming a WLAN scan (e.g., an 802.11 scan/a dot11 scan) of channel 1to detect WiFi interference and a spectral scan of channel 1 to detectnon-WiFi interference. The WLAN scan of channel 1 may start withoff-channel scan. Subsequently, the wireless AP behaves similar to awireless station (STA) and associates with and/or transmits pings to aneighboring AP for SLA related requirements, e.g., as a virtual sensor,on the wireless channel on which the STA interface of the wireless AP isassociated to a nearby AP (e.g., channel 40). Subsequently, the wirelessAP performs a WLAN scan (e.g., an 802.11 scan/a dot11 scan) of channel 2to detect WiFi interference and a spectral scan of channel 2 to detectnon-WiFi interference. The WLAN scan of channel 2 may start withoff-channel scan. Subsequently, the wireless AP behaves similar to awireless station (STA) and associates with and/or transmits pings to aneighboring AP for SLA related requirements, e.g., as a virtual sensor,on the wireless channel on which the STA interface of the wireless AP isassociated to a nearby AP (e.g., channel 40). Subsequently, the wirelessAP performs a WLAN scan (e.g., an 802.11 scan/ a dot11 scan) of channel3-165, which may not include channel 40, to detect WiFi interference.The WLAN scan of channel 3-165 may start with off-channel scan.Subsequently, the wireless AP behaves similar to a wireless station(STA) and associates with and/or transmits pings to a neighboring AP forSLA related requirements, e.g., as a virtual sensor, on the wirelesschannel on which the STA interface of the wireless AP is associated to anearby AP (e.g., channel 40).

FIG. 7 depicts an embodiment of a wireless AP 760 that can be includedin the network 450 depicted in FIG. 4 . The wireless AP 760 is anembodiment of the wireless APs 460-1, 460-2, 460-3, 460-4, 460-5, 460-6of the network 450 depicted in FIG. 4 . However, the wireless APs 460-1,460-2, 460-3, 460-4, 460-5, 460-6 of the network 450 depicted in FIG. 4are not limited to the embodiment depicted in FIG. 7 . In the embodimentdepicted in FIG. 7 , the wireless AP 760 includes a 5 GHz client servingradio 732-1 with an antenna array of one or more antennas 736-1, ...,736-N (N is a positive integer), a 2.4 GHz client serving radio 732-2with an antenna array of one or more antennas 746-1, ..., 746-M (M is apositive integer), a 6 GHz client serving radio 732-3 with an antennaarray of one or more antennas 756-1, ..., 756-P (P is a positiveinteger), a 2.4 GHz/5 GHz/6 GHz tri-band scanning radio 732-4 with anantenna array of one or more antennas 766-1, ..., 766-Q (Q is a positiveinteger), an Ethernet unit 742, a kernel 734, and a user space 770 withuser space applications 772, 774, 776, 778, 780, 782, 784, 786, 788.Each of the 5 GHz client serving radio 732-1, the 2.4 GHz client servingradio 732-2, the 6 GHz client serving radio 732-3, and the 2.4 GHz/5GHz/6 GHz tri-band scanning radio 732-4 may include radio frequency (RF)frontend and/or transceiver. The antennas 736-1, ..., 736-N, 746-1, ...,746-M, 756-1, ..., 756-P, 766-1, ..., 766-Q may be any suitable type ofantennas. For example, the antennas include at least one induction typeantenna such as a loop antenna or any other suitable type of inductiontype antenna. However, the antennas that can be used in the wireless AP760 is not limited to an induction type antenna. The Ethernet unit 742may be an Ethernet transceiver that is connected to one or more networkports 738-1, ..., 738-K (K is a positive integer) that can be connectedto other network element(s), such as, a switch (e.g., an AS or a DS) ora router. The network ports 738-1, ..., 738-K may be any suitable typeof ports. For example, the network ports 738-1, ..., 738-K may be LANnetwork ports, such as, Ethernet ports. However, the network ports738-1, ..., 738-K are not limited to LAN network ports. Although thewireless AP 760 is shown in FIG. 7 with certain components and describedwith certain functionality herein, other embodiments of the wireless AP760 may include fewer or more components to implement the same, less, ormore functionality. For example, in some embodiments, the wireless AP760 includes storage or memory such as Dynamic random-access memory(DRAM) or flash and/or a clock (CLK) unit. In another example, in someembodiments, the wireless AP 760 includes more RF frontends ortransceivers having more frequency bands or fewer RF frontends ortransceivers having fewer frequency bands.

In the embodiment depicted in FIG. 7 , the kernel 734 includes amanagement/control path interface 792 configured to provide a managementor control interface, a network stack unit 794 configured to store ormanage network protocol information, and a radio/Ethernet driver 796configured to control or drive the 5 GHz client serving radio 732-1, the2.4 GHz client serving radio 732-2, the 6 GHz client serving radio732-3, the 2.4 GHz/5 GHz/6 GHz tri-band scanning radio 732-4, and theEthernet unit 742. The management/control path interface 792, thenetwork stack unit 794, and the radio/Ethernet driver 796 may beimplemented in hardware (e.g., circuits), software, firmware, or acombination thereof. In some embodiments, the kernel 734 is implementedwith a controller, which may include a processor (e.g., amicrocontroller, a DSP, and/or a CPU) and memory that may storeinformation (e.g., an OS) for the processor. For example, the kernel 734may be implemented by a system-on-chip (SoC) that may be anapplication-specific integrated circuit (ASIC).

In the embodiment depicted in FIG. 7 , the user space 770 contains orstores user space applications, which include a configuration managementmodule 772 configured to perform network and/or device configurationmanagement functions, a software updater 774 configured to performsoftware update functions, a Wireless Intrusion Prevention System(WIPS)/Wireless Intrusion Detection System (WIDS) 776, a channelplanning module 778 configured to perform channel planning functions, alogging & miscellaneous module 780 configured to perform log and otherfunctions, a statistics collection/cloud export module 782 configured toperform statistics collection and cloud export functions, aplatform/connectivity health monitoring module 784 configured to performplatform and/or connectivity health monitoring functions, a channelscanning scheduler 786 configured to perform wireless channel scanningfunctions, and an Ethernet/tunnel management module 788 configured toperform Ethernet and/or tunnel management functions. The configurationmanagement module 772, the software updater 774, the WIPS/ WIDS 776, thechannel planning module 778, the logging & miscellaneous module 780, thestatistics collection/cloud export module 782, the platform/connectivityhealth monitoring module 784, the channel scanning scheduler 786, andthe Ethernet/tunnel management module 788 may be implemented in hardware(e.g., circuits), software, firmware, or a combination thereof. Forexample, the kernel 734 is implemented using a processor and memory, andthe configuration management module 772, the software updater 774, theWIPS/ WIDS 776, the channel planning module 778, the logging &miscellaneous module 780, the statistics collection/cloud export module782, the platform/connectivity health monitoring module 784, the channelscanning scheduler 786, and the Ethernet/tunnel management module 788are software modules that execute in the processor.

In some embodiments, the channel scanning scheduler 786 is configured toschedule wireless channel scanning of the wireless AP 760. For example,the channel scanning scheduler 786 may control wireless channel scanningoperations (e.g., adjust time duration and/or channel of wirelesschannel scanning) of the wireless AP 760. Consequently, under varyingwireless channel conditions and interference, wireless channel scanningcan be efficiently implemented. The channel scanning scheduler 786 mayenable or disable a station mode in which the wireless AP 760 behavessimilar to a wireless station (STA) and associates with another wirelessAP, for example, by enabling a station (STA) interface of the wirelessAP 760. Under the station mode, the wireless AP 760 may behave similarto a wireless station (STA) and associates with and/or transmits pingsto a neighboring AP for SLA related requirements, e.g., as a virtualsensor. The channel scanning scheduler 786 may enable or disable an APmode in which the wireless AP 760 does not associate with any anotherwireless AP, for example, by disabling a station (STA) interface of thewireless AP 760. In some embodiments, the channel scanning scheduler 786is configured to schedule a WLAN scan (e.g., an 802.11 scan or a dot11scan) to detect WiFi interference, which is wireless interference infrequency bands used by IEEE 802.11 protocols, or a spectral scan todetect non-WiFi interference (e.g., microwave, jammer, etc.). Forexample, the channel scanning scheduler 786 may schedule passive scanwith MAC HW in promiscuous mode to capture all types of frames (e.g.,data frames, management frames, and control frames), which are notlimited to beacons and probe responses to satisfy channel planning,WIPS/WIDS, and client location use cases. In promiscuous mode, the MACHW allows all frames through such that frames intended for other networkdevices can be read by the wireless AP 760. Channel quality parameters(noise figure (NF), channel utilization, etc.) may be accessed as wellfrom the received frames. In some embodiments, the wireless AP 760(e.g., the channel scanning scheduler 786) performs off-channel scanningby tuning its radio or transceiver (e.g., the 2.4 GHz/5 GHz/6 GHztri-band scanning radio 732-4) to a different channel for a finiteamount of time, for example, to detect sources of interference, rogue,or unauthorized ad-hoc Wi-Fi networks. The channel scanning scheduler786 may cause deauthentication frames to be sent by a radio ortransceiver (e.g., the 2.4 GHz/5 GHz/6 GHz tri-band scanning radio732-4) as off-channel transmissions at the start of a scan dwell to alist of clients operating on that channel, if any, for rogue APhandling, which can reduce or eliminate the need for scheduling separatedwell intervals for doing off-channel management frame transmissions.The channel scanning scheduler 786 may dynamically adjust the dwell timefor a given channel for a given dot11 scan schedule based on number ofBSSes discovered on a given channel from a previous dot11 scans. Forexample, the higher the number of BSSes are discovered, the larger thechannel dwell time is, and vice-versa. The channel scanning scheduler786 may schedule spectral scan at the end of each dot11 scan dwellitself, for a given channel to scan for non-WiFi interference(microwave, jammer, etc.) to minimize channel switch delays whencompared to scheduling dot11 and spectral scans separately for the samelist of channels. The channel scanning scheduler 786 may serve channeldwell for any active STA interface. In addition to dot11 scans andspectral scans, the channel scanning scheduler 786 may serve channeldwell for an appropriate time interval at the end of each off-channelscan dwell when a STA interface is enabled, for example, to satisfy theadditional requirement to reserve adequate time slots totransmit/receive frames if the STA interface is created and associatedto any neighboring AP on the scanning radio.

In some embodiments, a controller (e.g., the channel scanning scheduler786 and/or the radio/Ethernet driver 796) of the wireless AP 760 isconfigured to using a scanning RF frontend (e.g., the 2.4 GHz/5GHz/6GHztri-band scanning radio 732-4), perform a wireless local area network(WLAN) scan and a spectral scan on a first channel of a channel scanlist, and using the scanning RF frontend, perform the WLAN scan and thespectral scan on a second channel of the channel scan list after theWLAN scan and the spectral scan on the first channel are completed. Insome embodiments, the controller (e.g., the channel scanning scheduler786 and/or the radio/Ethernet driver 796) of the wireless AP 760 isfurther configured to using the scanning RF frontend, perform the WLANscan on the first channel of the channel scan list to detect WiFiinterference, and using the scanning RF frontend, perform the spectralscan on the first channel of the channel scan list to detect non-WiFiinterference. In some embodiments, the controller (e.g., the channelscanning scheduler 786 and/or the radio/Ethernet driver 796) of thewireless AP 760 is further configured to using the scanning RF frontend,perform an off-channel scan on the first channel of the channel scanlist. In some embodiments, the controller (e.g., the channel scanningscheduler 786 and/or the radio/Ethernet driver 796) of the wireless AP760 is further configured to using the scanning RF frontend, constructand transmit at least one deauthentication frame to at least one deviceon the first channel of the channel scan list. In some embodiments, thecontroller (e.g., the channel scanning scheduler 786 and/or theradio/Ethernet driver 796) of the wireless AP 760 is further configuredto place medium access control (MAC) hardware (HW) in promiscuous modeto capture different types of frames. In some embodiments, thecontroller (e.g., the channel scanning scheduler 786 and/or theradio/Ethernet driver 796) of the wireless AP 760 is further configuredto place a wireless network interface of the wireless AP in station(STA) scanning mode in which the wireless AP behaves as a wirelessstation. In some embodiments, the controller (e.g., the channel scanningscheduler 786 and/or the radio/Ethernet driver 796) of the wireless AP760 is further configured to using the scanning RF frontend, associatewith or transmit at least one ping to a neighboring wireless AP on achannel of the channel scan list for a service-level agreement (SLA)requirement.

FIG. 8 shows a swim-lane diagram illustrating an example wirelessscanning procedure under AP mode, which can take places between thechannel scanning scheduler 786, the radio/Ethernet driver 796, and the2.4 GHz/5GHz/6GHz tri-band scanning radio 732-4 of the wireless AP 760depicted in FIG. 7 . Although operations in the example procedure inFIG. 8 are described in a particular order, in some embodiments, theorder of the operations in the example procedure may be altered so thatcertain operations may be performed in an inverse order or so thatcertain operations may be performed, at least in part, concurrently withother operations.

In the example wireless scanning procedure depicted in FIG. 8 , thewireless AP 760 operates under AP mode and no STA interface is enabled.The wireless scanning procedure starts at operation 802, theradio/Ethernet driver 796 creates a wireless network interface on thetri-band scanning radio 732-4 and places the wireless network interfacein AP scanning mode. At operation 804, the channel scanning scheduler786 starts combined dot11 and spectral scan (e.g., generates a list ofchannels, dot11 scan dwell time/channel, a de-authentication clientlist, spectral scan dwell time/channel). At operation 806, the channelscanning scheduler 786 sends a scan start command to the tri-bandscanning radio 732-4. The tri-band scanning radio 732-4 may sequencereceived scan start commands if required at operation 808. At operation810, the tri-band scanning radio 732-4 forwards the scan start command,which may be sequenced, to the tri-band scanning radio 732-4. Afterreceiving the scan start command, the tri-band scanning radio 732-4performs wireless channel scanning as instructed. At operation 812, thetri-band scanning radio 732-4 starts dot11 scan on 1^(st) channel in thelist after putting MAC HW RX filter in promiscuous mode. In promiscuousmode, the MAC HW allows all frames through such that frames intended forother network devices can be read by the wireless AP 760. At operation814, the tri-band scanning radio 732-4 constructs and sendsdeauthentication frame(s) to any client(s) on the current channel(1^(st) channel) as off-channel transmission(s). At operation 816, thetri-band scanning radio 732-4 passes or transmitsmanagement/control/data frames to the host (i.e., the radio/Ethernetdriver 796) for packet capture. At operation 816, the tri-band scanningradio 732-4 passes or transmits management/control/data frames to thehost (i.e., the radio/Ethernet driver 796) for packet capture. Atoperation 818, the tri-band scanning radio 732-4 determines that dot11scan dwell time for 1^(st) channel has expired and starts spectral scanon the same channel (1^(st) channel) for configured spectral scan dwelltime at operation 820. At operation 822, the tri-band scanning radio732-4 determines that spectral scan dwell time for 1^(st) channel hasexpired and switches to next channel (e.g., 2^(nd) channel) to scan inthe scan channel list at operation 824 (for example, by performingoperations 812, 814, 816, 818, 820, 822 for the next channel). Atoperation 830, the tri-band scanning radio 732-4 determines that no morechannel to scan in the scan channel list (e.g., embedded or contained inthe scan start command) and the wireless channel scan is completed. Atoperation 832, the tri-band scanning radio 732-4 sends a scan completeevent to the host (i.e., the radio/Ethernet driver 796), which forwardsthe scan complete event to the channel scanning scheduler 786 atoperation 834.

FIG. 9 shows a swim-lane diagram illustrating an example wirelessscanning procedure under STA mode, which can take places between thechannel scanning scheduler 786, the radio/Ethernet driver 796, and the2.4 GHz/5GHz/6GHz tri-band scanning radio 732-4 of the wireless AP 760depicted in FIG. 7 . Although operations in the example procedure inFIG. 9 are described in a particular order, in some embodiments, theorder of the operations in the example procedure may be altered so thatcertain operations may be performed in an inverse order or so thatcertain operations may be performed, at least in part, concurrently withother operations.

In the example wireless scanning procedure depicted in FIG. 9 , thewireless AP 760 operates under STA mode and a STA interface is enabled.The wireless scanning procedure starts at operation 902, theradio/Ethernet driver 796 creates a wireless network interface on thetri-band scanning radio 732-4 and places the wireless network interfacein STA scanning mode. At operation 904, the channel scanning scheduler786 starts combined dot11 and spectral scan (e.g., generates a list ofchannels, dot11 scan dwell time/channel, a de-authentication clientlist, spectral scan dwell time/channel). At operation 906, the channelscanning scheduler 786 sends a scan start command to the tri-bandscanning radio 732-4. The tri-band scanning radio 732-4 may sequencereceived scan start commands if required at operation 908. At operation910, the tri-band scanning radio 732-4 forwards the scan start command,which may be sequenced, to the tri-band scanning radio 732-4. Afterreceiving the scan start command, the tri-band scanning radio 732-4performs wireless channel scanning as instructed. At operation 912, thetri-band scanning radio 732-4 starts dot11 scan on 1^(st) channel in thelist after putting MAC HW RX filter in promiscuous mode. In promiscuousmode, the MAC HW allows all frames through such that frames intended forother network devices can be read by the wireless AP 760. At operation914, the tri-band scanning radio 732-4 constructs and sendsdeauthentication frame(s) to any client(s) on the current channel(1^(st) channel) as off-channel transmission(s). At operation 916, thetri-band scanning radio 732-4 passes or transmitsmanagement/control/data frames to the host (i.e., the radio/Ethernetdriver 796) for packet capture. At operation 916, the tri-band scanningradio 732-4 passes or transmits management/control/data frames to thehost (i.e., the radio/Ethernet driver 796) for packet capture. Atoperation 918, the tri-band scanning radio 732-4 determines that dot11scan dwell time for 1^(st) channel has expired and starts spectral scanon the same channel (1^(st) channel) for configured spectral scan dwelltime at operation 920. At operation 922, the tri-band scanning radio732-4 determines that spectral scan dwell time for 1^(st) channel hasexpired and starts STA scan on the same channel (1^(st) channel) forconfigured STA scan dwell time at operation 924. At operation 926, thetri-band scanning radio 732-4 determines that STA scan dwell time for1^(st) channel has expired and switches to next channel (e.g., 2^(nd)channel) to scan in the scan channel list at operation 928 (for example,by performing operations 912, 914, 916, 918, 920, 922, 924, 926 for thenext channel). At operation 930, the tri-band scanning radio 732-4determines that no more channel to scan in the scan channel list (e.g.,embedded or contained in the scan start command) and the wirelesschannel scan is completed. At operation 932, the tri-band scanning radio732-4 sends a scan complete event to the host (i.e., the radio/Ethernetdriver 796), which forwards the scan complete event to the channelscanning scheduler 786 at operation 934.

In some embodiments, a cloud centralized off-channel scanning isperformed by, for example, the cloud server 102 (e.g., the NM module110) depicted in FIG. 1 . As 59 new 20 MHz channels are opened up andavailable in 6 GHz band, it is imperative to have an intelligentmechanism to scan through all of the channels to suitably time bound theoverall scan period. For example, a channel planning function likelyallocates at-least 80 MHz wide channels for 6 GHz APs with the primary20 MHz channel on a preferred scanning channel (PSC) and greater odds ofrecording broadcast probe requests from clients that are not permittedto be transmitted in non-PSC channels in 6 GHz band. The cloud server102 (e.g., the NM module 110) may schedule off-channels scans onpreferred scanning channels (PSCs) more frequently than non-preferredscanning channels. In some embodiments, the cloud server 102 (e.g., theNM module 110) dynamically deduces per channel scan dwells for a groupof wireless APs at a given instance of time, based on, for example, thenumber of active BSS and/or transmission (Tx)/receiver (Rx) channelutilization recorded historically. Cloud centralized off-channelscanning can be extended to other frequency band, for example, 5 GHzband, as well. The cloud server 102 (e.g., the NM module 110) may havebetter view of a RF neighborhood for a given tenant, the cloud server102 (e.g., the NM module 110) may compute and push down a pruned 6 GHzchannel list to scan for a given “RF group” of a set of wireless APsthat are in close vicinity to each other (possibly connected to the sameHE or a group of “neighboring” HEs) with the pruned list expected to beoptimized and different for different RF groups taking into accountclient locations, channel planning and WIPS/WIDS cases.

In some embodiments, a cloud server (e.g., the cloud server 102)includes memory and one or more processors configured to build a set ofchannels for off-channel scanning to be performed by a selected group ofwireless access points (APs), determine whether the set of channels foroff-channel scanning can be further pruned to generate a final optimizedlist of channels for off-channel scanning, and send the final optimizedlist of channels for off-channel scanning to the selected group ofwireless APs. By using the cloud server to determine channels foroff-channel scanning, scan efficiency can be improved, and scan durationcan be shortened. In some embodiments, the one or more processors areconfigured to determine whether the set of channels for off-channelscanning can be further pruned based on preferred scanning channel (PSC)information. In some embodiments, the one or more processors areconfigured to determine whether the set of channels for off-channelscanning can be further pruned based on historical channel utilizationof the selected group of wireless APs. In some embodiments, the one ormore processors are configured to determine whether the set of channelsfor off-channel scanning can be further pruned based on active basicservice set (BSS) data gathered by the selected group of wireless APs.In some embodiments, the one or more processors are configured to causespectral scans to be performed on the final optimized list of channelsfor off-channel scanning to detect non-WiFi interference. In someembodiments, the one or more processors are configured to causedeauthentication frames to be constructed and transmitted by theselected group of wireless APs on the final optimized list of channelsfor off-channel scanning. In some embodiments, the one or moreprocessors are configured to cause medium access control (MAC) hardware(HW) of the selected group of wireless APs to be placed in promiscuousmode to capture different types of frames. In some embodiments, thechannels for off-channel scanning are of three different frequencyranges, and the three different frequency ranges includes 2.4 gigahertz(GHz), 5 GHz, and 6 GHz.

FIG. 10 is a process flow diagram of a method for a cloud centralizedoff-channel scanning in accordance to an embodiment of the invention.According to the method, at block 1102, at a cloud server, a pruned setof channels (e.g., 2.4G+5G+6G channels) for off-channel scanning to beperformed by a selected group of wireless APs is built. At block 1104,at the cloud server, it is determined whether the pruned set of channelsfor off-channel scanning can be pruned further by considering if a 6Gchannel is PSC or not, historical channel utilization, and/or active BSSdata gathered by the selected group of wireless APs. At block 1106, atthe cloud server, a final optimized list of channels for off-channelscanning is sent to the selected group of wireless APs. The cloud servermay be similar to, the same as, or a component of the cloud server 102depicted in FIG. 1 . The selected group of wireless APs may be similarto, the same as, or a component of the wireless APs 360-1, 360-2, 360-3,360-4, 360-5, 360-6 depicted in FIG. 3 , the wireless APs 460-1, 460-2,460-3, 460-4, 460-5, 460-6 depicted in FIG. 4 , and/or the wireless AP760 depicted in FIG. 7 .

A sample channel allocation for 2 AP groups by the cloud server 102(e.g., the NM module 110) depicted in FIG. 1 is described below. APGroup 1 includes three wireless APs, AP1, AP2, AP3, operating on 6 GHzchannels C1, C2, C3, while AP Group 2 includes three wireless APs, AP4,AP5, AP6, operating on 6 GHz channels C4, C5, C6.

-   S = {Set of all 20 MHz channels in 6 GHz band}-   R1 = {S - {C1, C2, C3}}-   R2 = {S - {C4, C5, C6}}-   Pruned list for AP Group 1 = {C1, C2, C3, subset of channels from    R1}-   Pruned list for AP Group 2 = {C4, C5, C6, subset of channels from    R2}

Operating channels of all the APs in an AP group is expected to bepresent in the pruned list for that group for RSSI based clienttriangulation use cases. The optimality can be achieved by making sureintersection of subset of channels from R1 in pruned list 1 and subsetof channels from R2 in pruned list 2 is kept as minimal as possible, bythe cloud server 102 (e.g., the NM module 110) depicted in FIG. 1 .Further, the subset selected for each of the AP groups can be variedover time by the cloud server 102 (e.g., the NM module 110) depicted inFIG. 1 to make sure all the 6 GHz channels in set S is scanned by eachof the APs at least once within a suitable time interval.

FIG. 11 depicts a sample channel allocation for AP groups, AP Group 1and AP Group 2, by the cloud server 102 (e.g., the NM module 110)depicted in FIG. 1 . In the embodiment depicted in FIG. 11 , AP Group 1includes three wireless APs, AP1, AP2, AP3, operating on 6 GHz channels5, 69, 133, while AP Group 2, includes three wireless APs, AP4, AP5,AP6, operating on 6 GHz channels 165, 101, 37. A sample PrunedOff-channel scan list is:

-   Time t1    -   Group 1 - {All channels in 2.4G, 5G, 1-29, 65-93, 129-157,        193-233, 33-61 channels in 6G}    -   Group 2 - {All channels in 2.4G, 5G, 33-61, 97-125, 161-189,        1-29, 129-157 channels in 6G}-   Time t2    -   Group 1 - {All channels in 2.4G, 5G, 1-29, 65-93, 129-157,        97-125, 161-189 channels in 6G}    -   Group 2- {All channels in 2.4G, 5G, 33-61, 97-125, 161-189,        65-93, 193-233}

{1-29, 65-93, 129-157} channel list is always present for AP Group 1 asAP1, AP2, AP3 are operating on 160 MHz channels 5, 69, and 133,respectively, and similarly, {33-61, 97-125, 161-189} channel list isalways present for AP Group 2 as AP4, AP5, AP6 are operating on 160 MHzchannels 165, 101, 37, respectively. A link between an AP pair <x, y>exists if x can receive a beacon from y at RSSI > a threshold (e.g.,-82dBm) and vice versa.

FIG. 12 is a process flow diagram of a method for wireless channelscanning in accordance to an embodiment of the invention. According tothe method, at block 1202, at a wireless device (e.g., a wireless AP), awireless local area network (WLAN) scan and a spectral scan areperformed on a first channel of a channel scan list. At block 1204, atthe wireless device, the WLAN scan and the spectral scan are performedon a second channel of the channel scan list after the WLAN scan and thespectral scan on the first channel are completed. By performed acombined WLAN (e.g., dot11) scan and spectral scan sequentially on eachchannel to be scanned to detect WiFi and non-WiFi interferences, scanefficiency can be improved, and scan duration can be shortened. In someembodiments, at the wireless device, the WLAN scan is performed on thefirst channel of the channel scan list to detect WiFi interference, andthe spectral scan is performed on the first channel of the channel scanlist to detect non-WiFi interference. In some embodiments, at thewireless device, an off-channel scan is performed on the first channelof the channel scan list. In some embodiments, at the wireless device,at least one deauthentication frame is constructed and transmitted to atleast one device on the first channel of the channel scan list. Byperformed the off-channel scan with the spectral scan sequentially oneach channel to be scanned, scan efficiency can be improved, and scanduration can be shortened. In some embodiments, at the wireless device,medium access control (MAC) hardware (HW) is placed in promiscuous modeto capture different types of frames. In some embodiments, at thewireless device, the spectral scan is performed on the first channel ofthe channel scan list to detect non-WiFi interference after the WLANscan on the first channel is completed. In some embodiments, thewireless device includes a wireless access point (AP). In someembodiments, a wireless network interface of the wireless AP is placedin station (STA) scanning mode in which the wireless AP behaves as awireless station. In some embodiments, at the wireless AP, a station(STA) scan is performed on a channel of the channel scan list. In someembodiments, the wireless AP is associated with or at least one ping istransmitted to a neighboring wireless AP on a channel of the channelscan list for a service-level agreement (SLA) requirement. By performeda combined WLAN (e.g., dot11) scan and spectral scan sequentially oneach channel to be scanned with STA scan, scan efficiency can beimproved, and scan duration can be shortened. In some embodiments, thewireless AP further includes three wireless radio frequency (RF)frontends having three different frequency ranges. In some embodiments,the three wireless RF frontends are of 2.4 gigahertz (GHz), 5 GHz, and 6GHz. The wireless device and/or the wireless AP may be similar to, thesame as, or a component of the wireless APs 360-1, 360-2, 360-3, 360-4,360-5, 360-6 depicted in FIG. 3 , the wireless APs 460-1, 460-2, 460-3,460-4, 460-5, 460-6 depicted in FIG. 4 , and/or the wireless AP 760depicted in FIG. 7 .

FIG. 13 is a process flow diagram of a method for wireless channelscanning in accordance to an embodiment of the invention. According tothe method, at block 1302, at a wireless access point (AP), a wirelesslocal area network (WLAN) scan is performed on a first channel of achannel scan list, where performing the WLAN scan on the first channelincludes performing an off-channel scan on the first channel. At block1304, at the wireless AP, a spectral scan is performed on the firstchannel after the WLAN scan on the first channel is completed. At block1306, at the wireless AP, the WLAN scan is performed on a second channelof the channel scan list after the WLAN scan and the spectral scan onthe first channel are completed, where performing the WLAN scan on thesecond channel includes performing the off-channel scan on the secondchannel. At block 1308, at the wireless AP, the spectral scan isperformed on the second channel of the channel scan list after the WLANscan on the second channel is completed. By performing the off-channelscan with the spectral scan sequentially on each channel to be scanned,scan efficiency can be improved, and scan duration can be shortened. Thewireless AP may be similar to, the same as, or a component of thewireless APs 360-1, 360-2, 360-3, 360-4, 360-5, 360-6 depicted in FIG. 3, the wireless APs 460-1, 460-2, 460-3, 460-4, 460-5, 460-6 depicted inFIG. 4 , and/or the wireless AP 760 depicted in FIG. 7 .

FIG. 14 is a process flow diagram of a method for wireless channelscanning in accordance to an embodiment of the invention. According tothe method, at block 1402, at a cloud server, a set of channels foroff-channel scanning to be performed by a selected group of wirelessaccess points (APs) is built or generated. At block 1404, at the cloudserver, it is determined whether the set of channels for off-channelscanning can be further pruned to generate a final optimized list ofchannels for off-channel scanning. At block 1406, at the cloud server,the final optimized list of channels for off-channel scanning is sent tothe selected group of wireless APs. By using the cloud server todetermine channels for off-channel scanning, scan efficiency can beimproved, and scan duration can be shortened. In some embodiments, atthe cloud server, it is determined whether the set of channels foroff-channel scanning can be further pruned based on preferred scanningchannel (PSC) information. In some embodiments, at the cloud server, itis determined whether the set of channels for off-channel scanning canbe further pruned based on historical channel utilization of theselected group of wireless APs. In some embodiments, at the cloudserver, it is determined whether the set of channels for off-channelscanning can be further pruned based on active basic service set (BSS)data gathered by the selected group of wireless APs. In someembodiments, at the cloud server, spectral scans are caused to beperformed on the final optimized list of channels for off-channelscanning to detect non-WiFi interference. In some embodiments, at thecloud server, deauthentication frames are caused to be constructed andtransmitted by the selected group of wireless APs on the final optimizedlist of channels for off-channel scanning. In some embodiments, at thecloud server, medium access control (MAC) hardware (HW) of the selectedgroup of wireless APs is caused to be placed in promiscuous mode tocapture different types of frames. In some embodiments, the channels foroff-channel scanning are of three different frequency ranges. In someembodiments, the three different frequency ranges comprise 2.4 gigahertz(GHz), 5 GHz, and 6 GHz. In some embodiments, each wireless AP of theselected group of wireless APs further comprises three wireless radiofrequency (RF) frontends having three different frequency ranges. Insome embodiments, the three wireless RF frontends are of 2.4 gigahertz(GHz), 5 GHz, and 6 GHz. The cloud server may be similar to, the sameas, or a component of the cloud server 102 depicted in FIG. 1 . Theselected group of wireless APs may be similar to, the same as, or acomponent of the wireless APs 360-1, 360-2, 360-3, 360-4, 360-5, 360-6depicted in FIG. 3 , the wireless APs 460-1, 460-2, 460-3, 460-4, 460-5,460-6 depicted in FIG. 4 , and/or the wireless AP 760 depicted in FIG. 7.

FIG. 15 is a process flow diagram of a method for wireless channelscanning in accordance to an embodiment of the invention. According tothe method, at block 1502, at a cloud server, a set of channels foroff-channel scanning to be performed by a selected group of wirelessaccess points (APs) is built or generated, where the channels foroff-channel scanning are of three different frequency ranges, and wherethe three different frequency ranges comprise 2.4 gigahertz (GHz), 5GHz, and 6 GHz. At block 1504, at the cloud server, it is determinedwhether the set of channels for off-channel scanning can be furtherpruned to generate a final optimized list of channels for off-channelscanning based on preferred scanning channel (PSC) information,historical channel utilization of the selected group of wireless APs,and active basic service set (BSS) data gathered by the selected groupof wireless APs. At block 1506, at the cloud server, the final optimizedlist of channels for off-channel scanning is sent to the selected groupof wireless APs. By using the cloud server to determine channels foroff-channel scanning, scan efficiency can be improved, and scan durationcan be shortened. The cloud server may be similar to, the same as, or acomponent of the cloud server 102 depicted in FIG. 1 . The selectedgroup of wireless APs may be similar to, the same as, or a component ofthe wireless APs 360-1, 360-2, 360-3, 360-4, 360-5, 360-6 depicted inFIG. 3 , the wireless APs 460-1, 460-2, 460-3, 460-4, 460-5, 460-6depicted in FIG. 4 , and/or the wireless AP 760 depicted in FIG. 7 .

Although the operations of the method(s) herein are shown and describedin a particular order, the order of the operations of each method may bealtered so that certain operations may be performed in an inverse orderor so that certain operations may be performed, at least in part,concurrently with other operations. In another embodiment, instructionsor sub-operations of distinct operations may be implemented in anintermittent and/or alternating manner.

It should also be noted that at least some of the operations for themethods described herein may be implemented using software instructionsstored on a computer useable storage medium for execution by a computer.As an example, an embodiment of a computer program product includes acomputer useable storage medium to store a computer readable program.

The computer-useable or computer-readable storage medium can be anelectronic, magnetic, optical, electromagnetic, infrared, orsemiconductor system (or apparatus or device). Examples ofnon-transitory computer-useable and computer-readable storage mediainclude a semiconductor or solid-state memory, magnetic tape, aremovable computer diskette, a random-access memory (RAM), a read-onlymemory (ROM), a rigid magnetic disk, and an optical disk. Currentexamples of optical disks include a compact disk with read only memory(CD-ROM), a compact disk with read/write (CD-R/W), and a digital videodisk (DVD).

Alternatively, embodiments of the invention may be implemented entirelyin hardware or in an implementation containing both hardware andsoftware elements. In embodiments which use software, the software mayinclude but is not limited to firmware, resident software, microcode,etc.

Although specific embodiments of the invention have been described andillustrated, the invention is not to be limited to the specific forms orarrangements of parts so described and illustrated. The scope of theinvention is to be defined by the claims appended hereto and theirequivalents.

What is claimed is:
 1. A method for wireless channel scanning, themethod comprising: at a cloud server, building a set of channels foroff-channel scanning to be performed by a selected group of wirelessaccess points (APs); at the cloud server, determining whether the set ofchannels for off-channel scanning can be further pruned to generate afinal optimized list of channels for off-channel scanning; and at thecloud server, sending the final optimized list of channels foroff-channel scanning to the selected group of wireless APs.
 2. Themethod of claim 1, wherein at the cloud server, determining whether theset of channels for off-channel scanning can be further pruned togenerate the final optimized list of channels for off-channel scanningcomprises at the cloud server, determining whether the set of channelsfor off-channel scanning can be further pruned based on preferredscanning channel (PSC) information.
 3. The method of claim 1, wherein atthe cloud server, determining whether the set of channels foroff-channel scanning can be further pruned to generate the finaloptimized list of channels for off-channel scanning comprises at thecloud server, determining whether the set of channels for off-channelscanning can be further pruned based on historical channel utilizationof the selected group of wireless APs.
 4. The method of claim 1, whereinat the cloud server, determining whether the set of channels foroff-channel scanning can be further pruned to generate the finaloptimized list of channels for off-channel scanning comprises at thecloud server, determining whether the set of channels for off-channelscanning can be further pruned based on active basic service set (BSS)data gathered by the selected group of wireless APs.
 5. The method ofclaim 1, further comprises at the cloud server, causing a plurality ofspectral scans to be performed on the final optimized list of channelsfor off-channel scanning to detect non-WiFi interference.
 6. The methodof claim 1, further comprises at the cloud server, causing a pluralityof deauthentication frames to be constructed and transmitted by theselected group of wireless APs on the final optimized list of channelsfor off-channel scanning.
 7. The method of claim 1, further comprises atthe cloud server, causing medium access control (MAC) hardware (HW) ofthe selected group of wireless APs to be placed in promiscuous mode tocapture different types of frames.
 8. The method of claim 1, wherein thechannels for off-channel scanning are of three different frequencyranges.
 9. The method of claim 8, wherein the three different frequencyranges comprise 2.4 gigahertz (GHz), 5 GHz, and 6 GHz.
 10. The method ofclaim 1, wherein each wireless AP of the selected group of wireless APsfurther comprises three wireless radio frequency (RF) frontends havingthree different frequency ranges.
 11. The method of claim 10, whereinthe three wireless RF frontends are of 2.4 gigahertz (GHz), 5 GHz, and 6GHz.
 12. A cloud server, the cloud server comprising: memory; and one ormore processors configured to: build a set of channels for off-channelscanning to be performed by a selected group of wireless access points(APs); determine whether the set of channels for off-channel scanningcan be further pruned to generate a final optimized list of channels foroff-channel scanning; and send the final optimized list of channels foroff-channel scanning to the selected group of wireless APs.
 13. Thecloud server of claim 12, wherein the one or more processors areconfigured to determine whether the set of channels for off-channelscanning can be further pruned based on preferred scanning channel (PSC)information.
 14. The cloud server of claim 12, wherein the one or moreprocessors are configured to determine whether the set of channels foroff-channel scanning can be further pruned based on historical channelutilization of the selected group of wireless APs.
 15. The cloud serverof claim 12, wherein the one or more processors are configured todetermine whether the set of channels for off-channel scanning can befurther pruned based on active basic service set (BSS) data gathered bythe selected group of wireless APs.
 16. The cloud server of claim 12,wherein the one or more processors are configured to cause a pluralityof spectral scans to be performed on the final optimized list ofchannels for off-channel scanning to detect non-WiFi interference. 17.The cloud server of claim 12, wherein the one or more processors areconfigured to cause a plurality of deauthentication frames to beconstructed and transmitted by the selected group of wireless APs on thefinal optimized list of channels for off-channel scanning.
 18. The cloudserver of claim 12, wherein the one or more processors are configured tocause medium access control (MAC) hardware (HW) of the selected group ofwireless APs to be placed in promiscuous mode to capture different typesof frames.
 19. The cloud server of claim 12, wherein the channels foroff-channel scanning are of three different frequency ranges, andwherein the three different frequency ranges comprise 2.4 gigahertz(GHz), 5 GHz, and 6 GHz.
 20. A method for wireless channel scanning, themethod comprising: at a cloud server, building a set of channels foroff-channel scanning to be performed by a selected group of wirelessaccess points (APs), wherein the channels for off-channel scanning areof three different frequency ranges, and wherein the three differentfrequency ranges comprise 2.4 gigahertz (GHz), 5 GHz, and 6 GHz; at thecloud server, determining whether the set of channels for off-channelscanning can be further pruned to generate a final optimized list ofchannels for off-channel scanning based on preferred scanning channel(PSC) information, historical channel utilization of the selected groupof wireless APs, and active basic service set (BSS) data gathered by theselected group of wireless APs; and at the cloud server, sending thefinal optimized list of channels for off-channel scanning to theselected group of wireless APs.